1. Field
This invention relates to the field of data security. In particular, the invention relates to a platform and method for certifying a key within protected hardware.
2. Background
Advances in technology have opened up many opportunities for applications that go beyond the traditional ways of doing business. Electronic commerce (e-commerce) and business-to-business (B2B) transactions are now becoming popular, reaching the global markets at a fast rate. Unfortunately, while electronic platforms like computers provide users with convenient and efficient methods of doing business, communicating and transacting, they are also vulnerable for unscrupulous attacks. Examples of these attacks include virus, intrusion, security breach, and tampering, to name a few. Therefore, it is becoming more and more important to protect the integrity of data stored within or downloaded into a platform.
Various data security mechanisms may be used to protect the integrity of data exchanged between electronic platforms. One type of data security mechanism involves the development of cryptographic hardware having a private key stored in a secure manner. This hardware produces a digital signature by digitally signing data with the pre-stored private key in accordance with a selected digital signature function (e.g., Digital Signature Algorithm “DSA”). Accompanying the data during transmission, the digital signature protects the integrity of the data.
In order to recover the data, an authentication certificate normally accompanies the digital signature. The authentication certificate provides a public key corresponding to the private key for use in data recovery and for certifying (or attesting) to something. The meaning of a certificate depends on the contents of the certificate and the empowerment of the certificate signer (issuer).